package com.edwin.websitebe.controller;

import cn.hutool.crypto.digest.DigestUtil;
import com.edwin.websitebe.annotation.Admin;
import com.edwin.websitebe.dto.LoginDTO;
import com.edwin.websitebe.dto.ResetPasswordDTO;
import com.edwin.websitebe.model.User;
import com.edwin.websitebe.service.UserService;
import com.edwin.websitebe.util.TokenUtil;
import com.edwin.websitebe.vo.LoginVO;
import com.edwin.websitebe.vo.ResultVO;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Objects;

@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserService service;

    @GetMapping("/loginUser")
    public ResultVO<User> loginUser() {
        return new ResultVO<User>().success(service.getLoginUser());
    }

    @GetMapping("/list")
    public ResultVO<List> list() {
        return new ResultVO<List>().success(service.list());
    }

    @Admin
    @PostMapping("/saveOrUpdate")
    public ResultVO<Void> saveOrUpdate(@RequestBody User user) {
        if (StringUtils.isEmpty(user.getUsername()) || user.getUsername().length() < 11) {
            return new ResultVO<Void>().fail("101", "手机号非法");
        }
        User loginUser = service.getLoginUser();
        if (!loginUser.getIsAdmin()) {
            return new ResultVO<Void>().fail("101", "用户无权限");
        }
        if (StringUtils.isEmpty(user.getPassword()) && Objects.isNull(user.getId())) {
            String substring = user.getUsername().substring(5);
            user.setPassword(substring);
        }
        service.saveOrUpdate(user);
        return new ResultVO<Void>().success();
    }

    @PostMapping("/login")
    public ResultVO login(@Validated @RequestBody LoginDTO dto) {
        User user = service.getByUsername(dto.getUsername());
        if (Objects.isNull(user)) {
            return new ResultVO().fail("1", "用户不存在");
        }
//        boolean match = DigestUtil.sha256Hex(dto.getPassword()).equals(user.getPassword());
        boolean match = dto.getPassword().equals(user.getPassword());
        if (match) {
            LoginVO loginVO = new LoginVO();
            loginVO.setToken(TokenUtil.createToken(user.getId()));
            return new ResultVO().success(loginVO);
        } else {
            return new ResultVO().fail("1", "密码错误");
        }

    }

    @PostMapping("/updateProfile")
    public ResultVO updateProfile(@RequestBody User user) {
        User loginUser = service.getLoginUser();
        loginUser.setUsername(user.getUsername());
        loginUser.setNickname(user.getNickname());
        service.updateById(loginUser);
        return new ResultVO().success();
    }

    @PostMapping("/resetPassword")
    public ResultVO resetPassword(@RequestBody ResetPasswordDTO dto) {
        String oldPasswordSha = dto.getOldPassword();
        User user = service.getLoginUser();
        String password = user.getPassword();
        if (password.equals(oldPasswordSha)) {
            user.setPassword(dto.getPassword());
            service.updateById(user);
            return new ResultVO().success();
        } else {
            return new ResultVO().fail("1", "原密码输入错误");
        }
    }

    @GetMapping("/getById")
    public ResultVO getById(@RequestParam Long id) {
        User user = service.getById(id);
        return new ResultVO().success(user);
    }

    @DeleteMapping("/delete")
    public ResultVO delete(@RequestParam Long id) {
        User loginUser = service.getLoginUser();
        if (!loginUser.getIsAdmin()) {
            return new ResultVO().fail("101", "用户无权限");
        }
        if (id.equals(loginUser.getId())) {
            return new ResultVO().fail("101", "不能删除登录用户");
        }
        service.removeById(id);
        return new ResultVO().success();
    }

}
